class CompanyController < ApplicationController
  
  before_filter :admin_required, :only => :destroy
  
  def new
    @company = Company.new
    @user = User.new
  end
  
  # Create company and admin user as default
  def create
    # Prevents from attacks
    cookies.delete :auth_token
    @company = Company.new(params[:company])
    up = params[:user]
    up[:admin] = true # Make sure that a first user is admin
    @user = @company.users.build(up)
    if @company.save
      reset_session if logged_in?
      redirect_to login_path(:subdomain => @company.subdomain)
    else
      render :action => 'new'
    end
  end
  
  # Company hasn't been authorized
  def unauthorized
    render :layout => 'not_auth'
  end
  
end
